Differential D15798 Diff 43753 tests/sys/audit/file-attribute-access.c

Changeset View

Standalone View

tests/sys/audit/file-attribute-access.c

	Show All 34 Lines
	#include <fcntl.h>			#include <fcntl.h>
	#include <unistd.h>			#include <unistd.h>

	#include "utils.h"			#include "utils.h"

	static struct pollfd fds[1];			static struct pollfd fds[1];
	static mode_t mode = 0777;			static mode_t mode = 0777;
	static pid_t pid;			static pid_t pid;
	static int filedesc;			static fhandle_t fht;
				static int filedesc, fhdesc;
	static char extregex[80];			static char extregex[80];
	static struct stat statbuff;			static struct stat statbuff;
	static struct statfs statfsbuff;			static struct statfs statfsbuff;
	static const char *auclass = "fa";			static const char *auclass = "fa";
	static const char *path = "fileforaudit";			static const char *path = "fileforaudit";
	static const char *errpath = "dirdoesnotexist/fileforaudit";			static const char *errpath = "dirdoesnotexist/fileforaudit";
	static const char successreg = "fileforaudit.return,success";			static const char successreg = "fileforaudit.return,success";
	static const char failurereg = "fileforaudit.return,failure";			static const char failurereg = "fileforaudit.return,failure";
	▲ Show 20 Lines • Show All 313 Lines • ▼ Show 20 Lines
	}			}

	ATF_TC_CLEANUP(getfsstat_failure, tc)			ATF_TC_CLEANUP(getfsstat_failure, tc)
	{			{
	cleanup();			cleanup();
	}			}


				ATF_TC_WITH_CLEANUP(fhopen_success);
				ATF_TC_HEAD(fhopen_success, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
				"fhopen(2) call");
				}

				ATF_TC_BODY(fhopen_success, tc)
				{
				pid = getpid();
				snprintf(extregex, sizeof(extregex), "fhopen.%d.return,success", pid);

				/* File needs to exist to get a file-handle */
				ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
				/* Get the file handle to be passed to fhopen(2) */
				ATF_REQUIRE_EQ(0, getfh(path, &fht));
				asomersUnsubmitted Not Done Inline Actions Do you have a test for `getfh` itself anywhere? asomers: Do you have a test for `getfh` itself anywhere?
				aniketpAuthorUnsubmitted Not Done Inline Actions Yes @asomers, I have tested `getfh(2)` which is weirdly audited as `nfs_getfh(2)`, and that too in administrative audit class. Here is the test for nfs_getfh(2) : https://github.com/aniketp/AuditTestSuite/blob/master/audit/administrative.c#L157 aniketp: Yes @asomers, I have tested `getfh(2)` which is weirdly audited as `nfs_getfh(2)`, and that too…

				FILE *pipefd = setup(fds, auclass);
				ATF_REQUIRE((fhdesc = fhopen(&fht, O_RDWR)) != -1);
				check_audit(fds, extregex, pipefd);

				close(fhdesc);
				close(filedesc);
				}

				ATF_TC_CLEANUP(fhopen_success, tc)
				{
				cleanup();
				}


				ATF_TC_WITH_CLEANUP(fhopen_failure);
				ATF_TC_HEAD(fhopen_failure, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
				"fhopen(2) call");
				}

				ATF_TC_BODY(fhopen_failure, tc)
				{
				const char regex = "fhopen.return,failure : Invalid argument";
				FILE *pipefd = setup(fds, auclass);
				/*
				* Failure reason: NULL does not represent any file handle
				asomersUnsubmitted Not Done Inline Actions This is a read from uninitialized memory, and isn't guaranteed to fail. Better would be to deliberately construct an invalid `fhandle_t`. However, I don't see any obvious way to do that. So a better test might be to call `fhopen` with a valid `fhandle_t`, but make it fail for some other reason. For example, the man page says it will fail if `O_CREAT` is set. asomers: This is a read from uninitialized memory, and isn't guaranteed to fail. Better would be to…
				* and O_CREAT is not allowed as the flag for fhopen(2)
				*/
				ATF_REQUIRE_EQ(-1, fhopen(NULL, O_CREAT));
				check_audit(fds, regex, pipefd);
				}

				ATF_TC_CLEANUP(fhopen_failure, tc)
				{
				cleanup();
				}


				ATF_TC_WITH_CLEANUP(fhstat_success);
				ATF_TC_HEAD(fhstat_success, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
				"fstat(2) call");
				}

				ATF_TC_BODY(fhstat_success, tc)
				{
				pid = getpid();
				snprintf(extregex, sizeof(extregex), "fhstat.%d.return,success", pid);

				/* File needs to exist to get a file-handle */
				ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
				/* Get the file handle to be passed to fhstat(2) */
				ATF_REQUIRE_EQ(0, getfh(path, &fht));

				FILE *pipefd = setup(fds, auclass);
				ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff));
				check_audit(fds, extregex, pipefd);
				close(filedesc);
				}

				ATF_TC_CLEANUP(fhstat_success, tc)
				{
				cleanup();
				}


				ATF_TC_WITH_CLEANUP(fhstat_failure);
				ATF_TC_HEAD(fhstat_failure, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
				"fhstat(2) call");
				}

				ATF_TC_BODY(fhstat_failure, tc)
				{
				const char regex = "fhstat.return,failure : Bad address";
				asomersUnsubmitted Not Done Inline Actions Another read from uninitialized memory here. asomers: Another read from uninitialized memory here.
				FILE *pipefd = setup(fds, auclass);
				/* Failure reason: NULL does not represent any file handle */
				ATF_REQUIRE_EQ(-1, fhstat(NULL, NULL));
				check_audit(fds, regex, pipefd);
				}

				ATF_TC_CLEANUP(fhstat_failure, tc)
				{
				cleanup();
				}


				ATF_TC_WITH_CLEANUP(fhstatfs_success);
				ATF_TC_HEAD(fhstatfs_success, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
				"fstatfs(2) call");
				}

				ATF_TC_BODY(fhstatfs_success, tc)
				{
				pid = getpid();
				snprintf(extregex, sizeof(extregex), "fhstatfs.%d.success", pid);

				/* File needs to exist to get a file-handle */
				ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
				/* Get the file handle to be passed to fhstatfs(2) */
				ATF_REQUIRE_EQ(0, getfh(path, &fht));

				FILE *pipefd = setup(fds, auclass);
				ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff));
				check_audit(fds, extregex, pipefd);
				close(filedesc);
				}

				ATF_TC_CLEANUP(fhstatfs_success, tc)
				{
				cleanup();
				}


				ATF_TC_WITH_CLEANUP(fhstatfs_failure);
				ATF_TC_HEAD(fhstatfs_failure, tc)
				{
				atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
				"fhstatfs(2) call");
				}

				ATF_TC_BODY(fhstatfs_failure, tc)
				{
				const char regex = "fhstatfs.return,failure : Bad address";
				asomersUnsubmitted Not Done Inline Actions And here. asomers: And here.
				FILE *pipefd = setup(fds, auclass);
				/* Failure reason: NULL does not represent any file handle */
				ATF_REQUIRE_EQ(-1, fhstatfs(NULL, NULL));
				check_audit(fds, regex, pipefd);
				}

				ATF_TC_CLEANUP(fhstatfs_failure, tc)
				{
				cleanup();
				}


	ATF_TP_ADD_TCS(tp)			ATF_TP_ADD_TCS(tp)
	{			{
	ATF_TP_ADD_TC(tp, stat_success);			ATF_TP_ADD_TC(tp, stat_success);
	ATF_TP_ADD_TC(tp, stat_failure);			ATF_TP_ADD_TC(tp, stat_failure);
	ATF_TP_ADD_TC(tp, lstat_success);			ATF_TP_ADD_TC(tp, lstat_success);
	ATF_TP_ADD_TC(tp, lstat_failure);			ATF_TP_ADD_TC(tp, lstat_failure);
	ATF_TP_ADD_TC(tp, fstat_success);			ATF_TP_ADD_TC(tp, fstat_success);
	ATF_TP_ADD_TC(tp, fstat_failure);			ATF_TP_ADD_TC(tp, fstat_failure);
	ATF_TP_ADD_TC(tp, fstatat_success);			ATF_TP_ADD_TC(tp, fstatat_success);
	ATF_TP_ADD_TC(tp, fstatat_failure);			ATF_TP_ADD_TC(tp, fstatat_failure);

	ATF_TP_ADD_TC(tp, statfs_success);			ATF_TP_ADD_TC(tp, statfs_success);
	ATF_TP_ADD_TC(tp, statfs_failure);			ATF_TP_ADD_TC(tp, statfs_failure);
	ATF_TP_ADD_TC(tp, fstatfs_success);			ATF_TP_ADD_TC(tp, fstatfs_success);
	ATF_TP_ADD_TC(tp, fstatfs_failure);			ATF_TP_ADD_TC(tp, fstatfs_failure);

	ATF_TP_ADD_TC(tp, getfsstat_success);			ATF_TP_ADD_TC(tp, getfsstat_success);
	ATF_TP_ADD_TC(tp, getfsstat_failure);			ATF_TP_ADD_TC(tp, getfsstat_failure);

				ATF_TP_ADD_TC(tp, fhopen_success);
				ATF_TP_ADD_TC(tp, fhopen_failure);
				ATF_TP_ADD_TC(tp, fhstat_success);
				ATF_TP_ADD_TC(tp, fhstat_failure);
				ATF_TP_ADD_TC(tp, fhstatfs_success);
				ATF_TP_ADD_TC(tp, fhstatfs_failure);

	return (atf_no_error());			return (atf_no_error());
	}			}